WordPress.org

Ready to get started?Download WordPress

Forums

Stop Spammers
Comcast users cannot install plugin (6 posts)

  1. k2_1971
    Member
    Posted 1 year ago #

    My dynamic IP address starts with 24.x.x.x - installed your plugin (version 4.0, WP 3.4.2), went to activate it and received this error:

    Plugin could not be activated because it triggered a fatal error.
    
    Reason code: sbl.spanhaus:153,2,24
    ip: 24.x.x.x

    I x'ed out my current IP address for obvious reasons. So I went to the spamhaus website, discovered that the entire 24.0.0.0/12 block of IP addresses is listed in their PBL database. I'm unable to remove my address from that list, site would not allow it.

    So I took a look at your code, and found this in stop-spammer-registrations.php...

    $iplist = array(
    'sbl.spamhaus' => '.sbl.spamhaus.org',
    'xbl.spamhaus' => '.xbl.spamhaus.org',
    'dsbl' => '.list.dsbl.org',
    'sorbs' => '.dnsbl.sorbs.net',
    'spamcop' => '.bl.spamcop.net',
    'ordb' => '.relays.ordb.org',
    'njabl' => '.dnsbl.njabl.org'

    and I commented out each spam database site one by one. Every single spam site listed in your plugins array considers 24.0.0.0/12 as a spam source. That is a significant number of comcast internet users. I would have to comment out that entire array list to be able to activate this plugin, and in doing so would defeat the purpose of said plugin.

    Suggestions? :)

  2. kpgraham
    Member
    Plugin Author

    Posted 1 year ago #

    Download the beta for 4.1 which is on my site: http://www.blogseye.com

    In the beta, I have already pulled back the activation check and now just post stern warnings the first time the settings page is accessed. I don't want anyone to get locked out of their own blog, but some people will be able to change the settings and still have a useful plugin. If users ignore the warnings or never go into the settings they do so at their own risk.

    As to why comcast should be blacklisted, I don't know. I will look into this and perhaps have a check box to not check spamhaus if it is a 22.xxx.xxx.xxx subnet.

    Keith

  3. kpgraham
    Member
    Plugin Author

    Posted 1 year ago #

    I have disable dnsbl in then current beta version.

    The subnets listed in the dnsbl sites are supposed to be their hosting sites, not their internet access ranges. So if you host a website with comcast it should probably be blocked as only programs will be accessing the internet. If you use comcast cable for browsing then it should not be blocked.

    It appears that the distinction is blurred, at least at comcast. I will check further when I get to work on Monday, but for now the dnsbl is gone.

    Keith

  4. k2_1971
    Member
    Posted 1 year ago #

    I don't host my website through Comcast. I use Comcast for my home internet provider.

    Here's why all of Comcasts dynamic range IP address blocks are on spamhaus's PBL list (quote from spamhaus's FAQ):

    The first thing to know is: THE PBL IS NOT A BLACKLIST. You are not listed for spamming or for anything you have done. The PBL is simply a list of all of the world's dynamic IP space, i.e: IP ranges normally assigned to ISP broadband customers (DSL, DHCP, PPP, cable, dialup). It is perfectly normal for dynamic IP addresses to be listed on the PBL. In fact all dynamic IP addresses in the world should be on the PBL. Even static IPs which do not send mail should be listed in the PBL.

    And it appears all of the other spam sites that your plugin checks against have this same list in their database. But for whatever reason, whether it's the spam sites or your script, these dynamic IP spaces are being viewed as a source of spam and subsequently being blocked. So that leads me to believe that this problem isn't just for Comcast users, but for any well known ISP. You're talking millions of users that could be affected.

    As I stated in my initial post, I went through one by one commenting out each site in the array block, and every single site came back saying my IP address was blocked w/ the same error code (153,2,24).

    I suggest having a real good look at what databases your plugin checks against - it's possible you're blocking a huge number of legitimate users along with the spam bots. Funny enough, my IP address did NOT show up at http://www.StopForumSpam.com. Perhaps that site only blocks known spammers IP addresses and/or known IP spaces and doesnt list every well known ISP's dynamic IP spaces.

  5. kpgraham
    Member
    Plugin Author

    Posted 1 year ago #

    It can't be blocking everyone. Very few ip addresses come back with a hit on DNSBL sites. DNSBL is a spam black list service. I get many comments on my websites and only occasional complaints that I am blocking someone, and it is usually because they are behaving like a spammer (public anonymous proxy users are the big problem).

    My program does not check the PBL, only the SBL (Spammers) and XBL (threats) lists at Spamhaus.

    I am will continue working on this. DNSBL should be a good way to block spammers.

    For now it is disabled in the beta.

    Keith

  6. kpgraham
    Member
    Plugin Author

    Posted 1 year ago #

    Found MASSIVE problems with DBSBL lookups. It was banning everyone with an IP that ends in 127.

    It looks like I started writing the check and then forgot to finish it.

    Please download the Beta Test at http://www.blogseye.com.

    There is a check page on blogseye that allows you check against a few methods and databases to see if your IP is valid and it will give you a clue as to why an IP may have been denied.

    Keith

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags